PayPal Phishing and Apple Support Scams: February Malware Report

Last month, we saw a notable rise in malvertising and exploit kits. In the February malware report, it’s all about phishing. Specifically, we have been seeing quite a few phishing scams targeting PayPal users and some Apple tech support scams. Here’s what they look like and how you can avoid them.

PayPal Phishing

A new wave of authentic-looking PayPal phishes is hitting email inboxes as we write this. The stories the phishing emails tell, along with the technical implementation behind them, can be pretty convincing. While these types of phishing campaigns have been around for a long time, the newer ones are doing a pretty good job of creating urgency that entices users into clicking. Their ultimate goal is to steal money from you and even liquidate your bank accounts.

So what’s the best way to fight back? Be skeptical and do not click on any emails or links that you suspect may not have come from PayPal themselves. You can generally tell this by checking the actual email address of the sender (it might be paypal.co.us or something just a little bit off like that). You can see one of these phishing emails below for an example:

Apple Support Scams

Attackers are also registering thousands of domains every day that look like “findmyphon[.]com” and “lphone-apple[.]com” (that’s an “ell”, not an “eye.”) They then include these in realistic emails to people, trying to convince them that they come from Apple’s official tech support team. These emails generally revolve around your account being “hacked” or an “important” notice regarding your data.

Both the e-mails and the websites (see screenshots below) look very much like Apple’s branding. It’s getting more and more difficult to “spot the phish,” as attackers get more clever, so solutions like two-factor authentication and Strongarm can keep attackers from stealing your credentials.
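The sender-domain check and the lookalike domains described above can be screened automatically. The following is an added example, not Strongarm's code: the allow-list, the confusable-character map and the similarity threshold are assumptions chosen for illustration.

```python
import difflib
import re

# Constructed allow-list (assumption): brand keyword -> domains that brand really uses.
BRANDS = {
    "paypal": {"paypal.com"},
    "apple": {"apple.com"},
    "iphone": {"apple.com"},
    "findmyiphone": {"apple.com", "icloud.com"},
}
# Illustrative confusable-character map, not exhaustive: "ell" and "1" read as "i", etc.
CONFUSABLES = str.maketrans({"l": "i", "1": "i", "0": "o"})
SIMILARITY = 0.85  # assumed threshold for near-miss spellings such as a dropped letter


def refang(domain):
    """Undo the [.] defanging used in reports and normalise case."""
    return domain.strip().lower().replace("[.]", ".").rstrip(".")


def is_under(domain, parent):
    """True only for the parent itself or a real subdomain of it."""
    return domain == parent or domain.endswith("." + parent)


def classify(domain):
    """Return (verdict, brand): 'legitimate', 'lookalike' or 'unknown'."""
    d = refang(domain)
    if any(is_under(d, p) for owned in BRANDS.values() for p in owned):
        return ("legitimate", None)
    # Compare on a "skeleton" so an ell-for-eye swap no longer hides the brand.
    tokens = [t.translate(CONFUSABLES) for t in re.split(r"[.-]", d) if t]
    for brand in BRANDS:
        target = brand.translate(CONFUSABLES)
        for tok in tokens:
            close = difflib.SequenceMatcher(None, tok, target).ratio() >= SIMILARITY
            if target in tok or close:
                return ("lookalike", brand)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed inputs: the domains quoted in the post plus two controls.
    for sample in ["paypal.co.us", "lphone-apple[.]com", "findmyphon[.]com",
                   "paypal.com.account-verify.example", "www.paypal.com", "example.org"]:
        print(f"{sample:40} {classify(sample)}")
```

A "lookalike" verdict means the domain borrows a brand name without sitting under that brand's real domain, which is the case for a brand name placed in front of an unrelated registered domain as well as for swapped or dropped letters.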

Below, you can see what some of these malicious sites look like:

Words of Wisdom from the February Malware Report

As our February malware report shows, attackers continue to up their game with their phishes. They’re getting better every day, and we’re not even close to the limit of sophistication they will achieve. Educate yourself, your employees, and your customers to be skeptical and not click on just anything. The strongest offense is a good defense!

That said, it’s impossible to avoid every single click on a bad link, and this is where Strongarm comes in. Strongarm protects you from the harm that phishing attacks can inflict, so when you have us set up as your DNS resolver, we can make sure that no attack makes it far enough to do damage to your business.